| Author |
 Topic  |
|
|
vanbasten
Starting Member
Netherlands
7 Posts |
 Posted - 07/03/2012 : 16:35:34
|
Recently I have a db moved to a new server by attaching the mdf and ldf files. Then I setup a Windows Authenticated login using a Windows domain account on this new server. The only server role on this domain account is "public". And it has only "db_owner" role on db1.
For some reason, this domain account can access all the databases on this instance (not just db1) and it can even create new databases, just like as if it has the sysadmin role (it doesn't). Is there any way to check what is wrong with the role/permission on this domain account? This domain account is not a local admin I don't think.
Thanks. |
|
|
tkizer
Almighty SQL Goddess
USA
35007 Posts |
|
|
vanbasten
Starting Member
Netherlands
7 Posts |
Posted - 07/03/2012 : 18:33:16
|
account name type privilege mapped login name permission path
-----------------------------------------------------------------------------------
COMPANY\account1 user admin COMPANY\account1 BUILTIN\Administrators
You are right. The permission path of the Domain\Username shows "BUILTIN\Administrators". However, I checked the members of Administrator and this domain account is not in there. I did copy this database from an old server (running SQL 2005) where this domain account was a local admin. After I attached this db to this new server (SQL 2008), is it possible that some permission information get carry over? Thanks.
|
 |
|
|
tkizer
Almighty SQL Goddess
USA
35007 Posts |
|
| |
Topic |
|
role on a domain account
